| boatytwitch1.hopp.to/secure | 185.230.60.180 | 301 Moved Permanently | 126 B |
URL: HTTP/1.1 boatytwitch1.hopp.to/secure
IP: 185.230.60.180:0
File type: HTML document, ASCII text, with no line terminators
Hash: 24458d9515a9241a30d795bdc5c2052f 2a356bae204b2d064d18374042181e29ba6a9b2a ed600e6e319a76990bfa39d9b1a0d746a446d1b01c5fa8e757d1ffda54b3140f
GET /secure HTTP/1.1
Host: boatytwitch1.hopp.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Dec 2022 00:34:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 126
Connection: keep-alive
location: https://boatytwitch1.hopp.to/secure
vary: Accept
pragma: no-cache
cache-control: no-store, no-cache
X-Seen-By: 6ivkWfREES4Y8b2pOpzk7Owfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLp4sYwYx2UgZC4DZhzpOwcVGkFvVdT2Nq6f3Hedj7ewB,jdDt270t0fniy2BugWKBrbLYPbF8SzTc92ul18QNFh4Avv2keo7siCcBxNlzvyIOMTeLBVDK/a6qZ188mGDv2g==,osV03DUdKaEVOGwoQFgPYpcO66dWL5+YlH52TSq+s04=,sQ19iEk473qMiaixh4sATrPKK1VJHnxj3Gd+a5lVIGc=,+uTU9+1sCZnsE97RKVWjWivqoch5nXwcpVTHPfTb7tGj2SF7rMzs3dZeZMIQ5lIv
X-Wix-Request-Id: 1671237284.3462980214709126783
Server: Pepyaka/1.19.10
X-Content-Type-Options: nosniff
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 96367f956a4177aec7e7e80221539d58 8dcad10fde96c139d1ef212388cb6755fe3fe077 f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7350
Expires: Sat, 17 Dec 2022 02:37:14 GMT
Date: Sat, 17 Dec 2022 00:34:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: ae86164fd9297dfdc05d67d69284d70e 5e5f27e3fd492f715baa6820f05c0fafde4040b3 be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Sat, 17 Dec 2022 01:38:56 GMT
Date: Sat, 17 Dec 2022 00:34:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 555fc6e99ad3bf077d1c4b9b805e428d 4e800fc8e809a950288df0e94992084647762561 fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6461
Expires: Sat, 17 Dec 2022 02:22:25 GMT
Date: Sat, 17 Dec 2022 00:34:44 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: b44c4b5daa307a355e7bab1c83c1ca82 dbd14cd873f1dd4502f277b3f51cb7bc8da0c080 fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 23:45:13 GMT
content-type: application/json
age: 2971
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WyR8xNdNEA3GjFZbd0ySaI1Ltr/q/jVtHl9BlefQnJ779cSU5+OBz4Hw3AdhwRtC01J0goH7dDc=
x-amz-request-id: 4J9B34W9F17E1VJE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 23:51:33 GMT
age: 2591
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 00:34:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 00:08:00 GMT
age: 1604
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP: 104.18.32.68:0
Hash: e2e0da957a297d6bbb078284396239ab 180e280af478659fe2c652f1411b83c8299a2483 b2878576d7e642e8dc13da56a608810a5b7ffa467d6dc4e70e59cfe128f92aa9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 00:34:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 23:35:58 GMT
Expires: Thu, 22 Dec 2022 23:35:57 GMT
Etag: "180e280af478659fe2c652f1411b83c8299a2483"
Cache-Control: max-age=514272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ab93257ff21bfa-OSL
|
|
| boatytwitch1.hopp.to/secure | 185.230.60.180 | 302 Found | 216 B |
URL: HTTP/2 boatytwitch1.hopp.to/secure
IP: 185.230.60.180:0
File type: HTML document, ASCII text, with no line terminators
Hash: b94ebb25118ad3f7c9252e601eff7698 dd15a06379066e0274c897f27d080e6dd3a9c2af 8d3e8f6bffb9d4abaac9fb75794b239073ca3af131a4a96a058083b9b9a01ed3
GET /secure HTTP/1.1
Host: boatytwitch1.hopp.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 17 Dec 2022 00:34:45 GMT
content-type: text/html; charset=utf-8
content-length: 216
location: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
vary: Accept, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache
x-seen-by: m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,jdDt270t0fniy2BugWKBra2aXJU+QlSNZkIQDVbfRUY9z4JG7XPlJg/avZdiW+kfBFNjNRTmQgt5BwMmIVG00A==,osV03DUdKaEVOGwoQFgPYgwEf2P3a+d6tuWmxTIuXjc=,sQ19iEk473qMiaixh4sATrPKK1VJHnxj3Gd+a5lVIGc=,+uTU9+1sCZnsE97RKVWjWivqoch5nXwcpVTHPfTb7tGj2SF7rMzs3dZeZMIQ5lIv
x-wix-request-id: 1671237285.018298985235115923
server: Pepyaka/1.19.10
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 142400be99b933ea5e0c68ea6a6b3e89 80e94132940e5ebe69dd0a03396764127b8fda49 20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3099
Cache-Control: max-age=120226
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:34:45 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 09:58:31 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: a381c1644524bc706698ebe1bda8eea8 58f2857becde9a746dce95af447f4229d7653b34 32241ffa5516a72d83eee660b3cc8486b51edeac262b435ec4c4d27922427c0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32241FFA5516A72D83EEE660B3CC8486B51EDEAC262B435EC4C4D27922427C0D"
Last-Modified: Fri, 16 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21498
Expires: Sat, 17 Dec 2022 06:33:03 GMT
Date: Sat, 17 Dec 2022 00:34:45 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.162.125.72 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 35.162.125.72:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xRO43cRn1FfDaBbQAmRpdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uQ9AHWHJemNCnVVjTwIsrQZ4/fk=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 302bca8b4776eca1d6dc94dfc7822bd9 3be17682c8639eda9854fbc8b21f5e43efdce33d ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10563
Expires: Sat, 17 Dec 2022 03:30:49 GMT
Date: Sat, 17 Dec 2022 00:34:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 302bca8b4776eca1d6dc94dfc7822bd9 3be17682c8639eda9854fbc8b21f5e43efdce33d ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10563
Expires: Sat, 17 Dec 2022 03:30:49 GMT
Date: Sat, 17 Dec 2022 00:34:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 302bca8b4776eca1d6dc94dfc7822bd9 3be17682c8639eda9854fbc8b21f5e43efdce33d ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10563
Expires: Sat, 17 Dec 2022 03:30:49 GMT
Date: Sat, 17 Dec 2022 00:34:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 302bca8b4776eca1d6dc94dfc7822bd9 3be17682c8639eda9854fbc8b21f5e43efdce33d ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10563
Expires: Sat, 17 Dec 2022 03:30:49 GMT
Date: Sat, 17 Dec 2022 00:34:46 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 2fae5a52ce167de2a060dc814a744e98 4b108a79a4ad796a34f4b2b8950df907137680e3 61e1fe4a8c074a031e0628ca393449e42d70dcf3411481936c26c1fad7a5451b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9837
x-amzn-requestid: 7c104466-a4d8-4e03-94e6-79a18bd3bf54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjWiEMlIAMFaaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce5c3-4b0e776f4f0edd533795a6ee;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XlYdfi_9fWjFtw83t9kvwNEzkpJSpsCtlZS3RLmUkk6FZqzVDvaIOg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:00:56 GMT
age: 9230
etag: "4b108a79a4ad796a34f4b2b8950df907137680e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg | 34.120.237.76 | 200 OK | 4.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 0cfd12f93a2a0efcbdc0aadfc18263e8 93ece0b291bd44a399612b832d8c7e9767ba3ce9 d40ab574038fb1642b0d64b430339552761496a0d0b99e238bb4d4f87e822484
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3953
x-amzn-requestid: e528941a-b54c-4275-bce0-91f4c9dd7f2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NMpGvxoAMFmRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918f1d-573aec4e11da97b91c9cd289;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EGZUDmBOdV3YlJvSlesXi32pbRvM-9nD3BDIcceYMjPG0vlNvKD1-A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 06:47:00 GMT
age: 64066
etag: "93ece0b291bd44a399612b832d8c7e9767ba3ce9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 9a3a7ef8028514bc1687afffd5ab8748 c1258c5dc821250f9d2b80915d1fb3145e4f9f25 4fa357165b12c8bf9dcb1787c656e116ddfb741ca49738f124b949d120c39b65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: eef7bc24-2e2d-420f-8d5e-3cd86add3639
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKT24GhNIAMFjVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a6692-01d090e602c3e6575ce2988d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 00:13:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3qa81WYkbh9LsK_ESDpc_M4XRGYJBdDlYLT0KJzLCjF-hEIxd0LjJQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 05:12:36 GMT
age: 69730
etag: "c1258c5dc821250f9d2b80915d1fb3145e4f9f25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F765cd97f-0488-4b74-b4e5-b4cabf15fcea.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F765cd97f-0488-4b74-b4e5-b4cabf15fcea.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 5570e4b36073a8e2d56511f38c28f770 d149581e2e4356f3dfc4e3163078c36192f6f6a9 3d3fce57a3e66c134150bbea646649ac548f68c000aa8a85b6a4c269314f8cd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F765cd97f-0488-4b74-b4e5-b4cabf15fcea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10005
x-amzn-requestid: 34eb512e-27a3-4eb0-b6e5-58b36730f2e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fMoHUgoAMFbHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df1d-53073c865ce295963f1a0201;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:09:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ExXrhnm8w6nSr17xxbI3QZP_d3S_wsgiIoxBjgeyPACGR7h6a54GrQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 04:34:37 GMT
age: 72009
etag: "d149581e2e4356f3dfc4e3163078c36192f6f6a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7eb005-df5e-4ad5-ab59-6dd5673202b8.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7eb005-df5e-4ad5-ab59-6dd5673202b8.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 11eb1a344e317c9805c0ecf1643e4a04 cdd0dd4300113cee0eff7dd9b5fe2c9eb411f07a fc563a02dcd5eb90bde7d056bf8a832254c22b1d4baa7cabd83793b9a0edb47f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7eb005-df5e-4ad5-ab59-6dd5673202b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8915
x-amzn-requestid: c83c95c2-600e-4e2b-bcda-916a57f9f53d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC6HmlIAMF8Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-1678e01c32f054c665efd888;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AI1855uSgfHBqHOM_3xw8_HElfbuvQeFSCEurj8s-yRmUM_7FUrv9g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:46:47 GMT
age: 10079
etag: "cdd0dd4300113cee0eff7dd9b5fe2c9eb411f07a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: dce7a87ac0852f838007018af2e83cb5 379f7844a18284958ec0250cc45f2c91ac1ddfcf 31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 10467
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912 | 93.158.238.139 | 200 OK | 3.4 kB |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912 | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: HTML document, ASCII text, with very long lines (65484) | Hash: 88911dcd41d7b5bb64ebdc457b6e51a3 d800174b30a2a02b1a5aa1b8c22d6a77f9cd6c80 2f83051fa47f478f7d0eb7c392c29234cecc849b17b59ffc90d76acc81ed06f2
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /m=weblogin/oldschool_login181,375,648,71156322,2912 HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.34
Set-Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
|
|
| secure.oldschool.com-fr.cz/assets/oldschool/css/vendor.css | 93.158.238.139 | 200 OK | 16 kB |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/oldschool/css/vendor.css | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: Unicode text, UTF-8 text, with very long lines (65531), with no line terminators | Hash: cf972028c50eac5a73a0e4ebfd58b688 a57f6644b01015c1baeabfe948a58c69c5e7a808 28b3b6c2067d5a87be8251d2be34530775457a735a00495c549cc06ceef34a0f
GET /assets/oldschool/css/vendor.css HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: text/css
Last-Modified: Sun, 17 Mar 2019 14:40:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"5c8e5c74-1c235"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash: 385bad1390edf4dc694548a3f7b16281 57536fa694ef8306c436a37dbfc2f82af2344120 e6ad8e17f7b82dc9b46e5e99a73b59fa284fa72cf737dada269da9cf856b7736
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js | 142.250.74.74 | 200 OK | 34 kB |
URL: HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js | IP: 142.250.74.74:0
File type: ASCII text, with very long lines (32341) | Hash: 856f85cc1b07156fa844b44a10c236c2 7cef457c0e1cd0c20f4e699564ea8997f0332021 c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 19:35:05 GMT
expires: Fri, 15 Dec 2023 19:35:05 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 104382
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| secure.oldschool.com-fr.cz/assets/weblogin/js/global.js?10 | 93.158.238.139 | 200 OK | 526 B |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/weblogin/js/global.js?10 | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
Hash: 5938d7782f3d47553fd4c9e9fbe3e5e6 a636d9db460a8382642d39a6b0267b4bf709dc03 20297208a84b65463d8c3af6eae970657553cf6d6dc1a1e1aad9409ce7c58ee1
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /assets/weblogin/js/global.js?10 HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: application/javascript
Last-Modified: Sun, 17 Mar 2019 14:40:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"5c8e5c74-60c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash: 385bad1390edf4dc694548a3f7b16281 57536fa694ef8306c436a37dbfc2f82af2344120 e6ad8e17f7b82dc9b46e5e99a73b59fa284fa72cf737dada269da9cf856b7736
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| secure.oldschool.com-fr.cz/assets/oldschool/css/site2.css?v=7 | 93.158.238.139 | 200 OK | 87 kB |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/oldschool/css/site2.css?v=7 | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: 9b4fa26646dc834610d31669ce6395dc bd6a46445be4974ba753800ee70dd8e26b05f46c 68d5f9a620a30c7d71a45c68828c0d3ccd2e1de861c2a850c0b482f664ff91c4
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /assets/oldschool/css/site2.css?v=7 HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Feb 2021 09:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6028e9ae-47038"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
|
|
| secure.oldschool.com-fr.cz/assets/oldschool/img/logos/oldschool.png | 93.158.238.139 | 200 OK | 30 kB |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/oldschool/img/logos/oldschool.png | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: PNG image data, 202 x 92, 8-bit/color RGBA, non-interlaced\012- data | Hash: 43440fc6bd46ed53716a5c796d741d25 5aeadffcf6d799cb8c93229fe7bde013c91e710c f3eb8d586a710fd04797363692acb5593196681b589f8491a43be0fc68000474
GET /assets/oldschool/img/logos/oldschool.png HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: image/png
Content-Length: 29503
Last-Modified: Sun, 17 Mar 2019 14:40:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5c8e5c72-733f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
|
|
| secure.oldschool.com-fr.cz/assets/social/google.svg | 93.158.238.139 | 200 OK | 381 B |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/social/google.svg | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (763), with no line terminators | Hash: de161922f98e77d4715a9454cd258148 08fdf55495c877849da148543192c74873879b16 a1d9aa50a93b912980ab1c7c97b92eb685cd5016a77624a55c51f177149a8df7
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /assets/social/google.svg HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/assets/oldschool/css/site2.css?v=7
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: image/svg+xml
Last-Modified: Sun, 14 Feb 2021 03:33:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"602899fe-2fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
|
|
| secure.oldschool.com-fr.cz/assets/social/vista.jpg | 93.158.238.139 | 200 OK | 221 kB |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/social/vista.jpg | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: JPEG image data, baseline, precision 8, 1920x1024, components 3\012- data | Size: 221 kB (220933 bytes) | Hash: 7063551e92a0622ae413d7aab0f13876 1f9a200c30fa501d0daaec37886dd1f2935a3882 0d690a71366e2edcb0e01a46ebe2ec24a13a122e5ecf894c8b80457fc78e44ac
GET /assets/social/vista.jpg HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/assets/oldschool/css/site2.css?v=7
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:40 GMT
Content-Type: image/jpeg
Content-Length: 220933
Last-Modified: Sun, 14 Feb 2021 06:42:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6028c63a-35f05"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
|
|
| secure.oldschool.com-fr.cz/assets/oldschool/img/oldschool-192.png | 93.158.238.139 | 200 OK | 60 kB |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/oldschool/img/oldschool-192.png | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data | Hash: 852988b7ad7e84c9042a5d4f68ef24ea cc54b08d144ce91f530a29da45aa60cdf1d48b2f 0a3a57be798b94d3aa5d4db61f93b6d3a6a8392b678ef5ae414737f2a5324baf
GET /assets/oldschool/img/oldschool-192.png HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:41 GMT
Content-Type: image/png
Content-Length: 60121
Last-Modified: Sun, 17 Mar 2019 14:40:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5c8e5c72-ead9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
|
|
| secure.oldschool.com-fr.cz/assets/oldschool/img/oldschool-16.png | 93.158.238.139 | 200 OK | 905 B |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/assets/oldschool/img/oldschool-16.png | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data | Hash: c29a75f32196de9997477ceee3b34f6c eaf804656c961c3f05246892c46c23fc92423dc2 8ada154e57d354322b19dd62251ebe0b6f97face0c54aaa1ffedd51d72eafd41
GET /assets/oldschool/img/oldschool-16.png HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:41 GMT
Content-Type: image/png
Content-Length: 905
Last-Modified: Sun, 17 Mar 2019 14:40:52 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5c8e5c74-389"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
|
|
| secure.oldschool.com-fr.cz/runescape/ajax/osrs/2912 | 93.158.238.139 | 200 OK | 0 B |
URL: HTTP/1.1 secure.oldschool.com-fr.cz/runescape/ajax/osrs/2912 | IP: 93.158.238.139:0 | ASN: #60503 FNX Tecnologia LTDA
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /runescape/ajax/osrs/2912 HTTP/1.1
Host: secure.oldschool.com-fr.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://secure.oldschool.com-fr.cz/m=weblogin/oldschool_login181,375,648,71156322,2912
Cookie: PHPSESSID=h752mirk9cs2apqa5getjgd752
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Dec 2022 01:35:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.2.34
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg | 34.120.237.76 | 200 OK | 3.1 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 3b10096b589872abc03d6befdaa8d08c 3ce5ecf8b36fdf9e7f537f9d0d9010239b00c633 d8019629d58b20fdd78b1e0c2bb5e55ed9bb4f22c9b103e92958b25ef5400ac1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3054
x-amzn-requestid: 3e3096e9-c31f-497c-9c84-506cfebda1c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKbSIE0qIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a7273-5d2a9cc44c94435f340c8c47;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 01:03:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: no2kJzz9gyUN2M4jzdxQQuQub_D_7n2Rn8siUbcpVym9pC3uURfQfQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:50:26 GMT
age: 9867
etag: "3ce5ecf8b36fdf9e7f537f9d0d9010239b00c633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|